The naming in the docs is throwing me off. Is the code field the same thing as the “Verification Code” on the mange API access page? I’m trying to avoid logging in and get an auth token manually. Where does the “Key ID” come in to play?

Also, just to be sure. The Authorization is Basic base64(client id:secret key) right? Again, naming and docs do not match.

If you want to use oauth, then you need to use the SSO and apply different scopes to your application so that the user authorizes access to that information (you don’t use the keyID and vcode supplied by a user).